CVE-2023-21608

Adobe Acrobat Reader DC resetForm Use-After-Free Remote Code Execution Vulnerability

CVSS 7.8 HIGH · EPSS 61.5% · KEV · CWE-416
In short

Adobe Acrobat Reader has a flaw where it tries to use data that has already been freed from memory when handling PDF forms. An attacker can exploit this by sending a malicious PDF file that, when opened, allows them to run code on the victim's computer.

Technical detail

A use-after-free vulnerability in Adobe Acrobat Reader's resetForm function allows remote code execution in the context of the current user. The attack requires user interaction (the victim must open a malicious PDF file); no authentication or special privileges are needed. Affected versions are 22.003.20282 and earlier, 22.003.20281 and earlier, and 20.005.30418 and earlier.

Summary generated and translated by AI from the official description.
Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
Adobe · Acrobat Reader